Forgot your password?
Security IOS Iphone Power

Researchers Infect iOS Devices With Malware Via Malicious Charger 201

Posted by timothy
from the nobody-wants-some-iphone-with-a-social-disease dept.
Sparrowvsrevolution writes "At the upcoming Black Hat security conference in late July, three researchers at the Georgia Institute of Technology plan to show off a proof-of-concept charger that they say can be used to invisibly install malware on a device running the latest version of Apple's iOS. A description of their talk posted to the conference website describes how they were able to install whatever malware they wished on an Apple device within a minute of the user plugging it into their malicious charger, which they're calling 'Mactans' after the scientific name of a Black Widow spider. The malware-loaded USB plug is built around an open-source single-board computer known as a BeagleBoard, sold by Texas Instruments for a retail price of around $45. The researchers have contacted Apple about their exploit but haven't heard back from the company and aren't sharing more details of their hack until they do."
This discussion has been archived. No new comments can be posted.

Researchers Infect iOS Devices With Malware Via Malicious Charger

Comments Filter:
  • Re:Physical Access (Score:5, Informative)

    by Anonymous Coward on Monday June 03, 2013 @08:20AM (#43894819)

    This is not an "open the device and latch on to some henceforth unprotected internal signal" attack vector. Attaching the phone to someone else's charger is not unusual behavior. For the Olympic Games in London, Vodafone fitted 1000 taxis with mobile phone chargers.

  • No they aren't. With charging kiosks in malls and such, like these [] or these [] I would say that they are pretty common.

  • Re:Physical Access (Score:2, Informative)

    by AmiMoJo (196126) * <> on Monday June 03, 2013 @08:36AM (#43894927) Homepage

    And remember, all this is to support Apple's DRM that blocks 3rd party chargers (or at least prevents them using the fast charge rate).

    Providing phone chargers is a common courtesy in some countries, e.g. Japan. Most hotels and bars will have a load of chargers behind the front desk to lend out, for example.

  • Re:Public chargers (Score:4, Informative)

    by CyberSlugGump (609485) on Monday June 03, 2013 @08:50AM (#43895011)
    Or carry a modified cable where the USB power wires are connected but the data wires are not.

    If you don't want to DIY, take a look at this sync cable (iPhone 4S or earlier) [] which has an extra end for only charging.
  • Re:Possible Solution (Score:5, Informative)

    by jeffmeden (135043) on Monday June 03, 2013 @09:34AM (#43895399) Homepage Journal

    I dunno...but how is this new exploit "news" if there's utility utilities like PairLock to prevent it?

    Because you have to jailbreak in order to use PairLock? And um, jailbreaking is bad, mmkay?

  • Re:Physical Access (Score:5, Informative)

    by 0x000000 (841725) on Monday June 03, 2013 @12:04PM (#43896733)

    This is so completely wrong that I don't even know where to begin.

    1. Apple hasn't put DRM in their chargers
    2. Apple devices look for a certain voltage on the D+/D- traces to know whether they can charge at 100 mA, 500 mA, or more, specifically the iPad can draw more power
    3. Apple devices are also USB devices, when they connect to a USB host (such as the BeagleBone) they communicate using standard USB, that is the only ID string that gets sent back, along with a request for at least 500 mA of power to be provided by the host.
    4. This doesn't actually use any specific vulnerability, rather it uses the fact that when you connect an iOS device you can using a provisioning profile side-load apps onto the phone. This is generally done during development or for example in corporate settings. These same provisioning profiles can be used to disable certain features, or set up emails accounts, wifi passwords, and all that fun stuff, you know to provision a device in a corporate scenario.

    It's a shame that your comment got voted up as informative when it contains so much mis-information.

  • Re:Physical Access (Score:4, Informative)

    by BasilBrush (643681) on Monday June 03, 2013 @12:15PM (#43896877)

    This is just nonsense. USB spec limits the power available for charging. Lots of manufacturers have handshaking going on so that when their products are used with their own chargers, they abandon the spec limits and use this own limits. There's no other way of doing it whilst staying within the USB spec. It's got fuck all to do with drm and everything to do with making sure the charge rate is safe.

"It's curtains for you, Mighty Mouse! This gun is so futuristic that even *I* don't know how it works!" -- from Ralph Bakshi's Mighty Mouse